New research reveals cyber ignorance putting businesses at risk

BAE Systems has launched a new online cyber risk assessment tool in response to research that indicates weaknesses in UK businesses’ cyber security measures. The tool will enable organisations to test the status of their cyber precautions against 10 key questions, based on 10 Steps to Cyber Security guidance from the UK government’s national technical authority for information assurance, the CESG.

The recent study, which surveyed UK business leaders on their cyber security preparedness in the event of a serious network breach, showed that one in five don’t know if their organisation has the right security controls in place. Many of those who are confident about their defences admit they have not had their incident response plans tested for at least six months.

The research highlighted that 79% of respondents believe that they have the appropriate security controls in place to defend against cyber attacks. And yet more than half (57%) of those surveyed said they had experienced a cyber attack in the past year – with the average cost being revealed as at least £330,000. For one in ten though, it can cost up to £1million. For businesses, being cyber-ready has never been more important says BAE Systems.

“The research confirms that cyber security is no longer merely a technical issue, but a challenge for the board. Around a fifth of the businesses we talked to said they either didn’t know or weren’t confident that they could return to business as usual within 48 hours of a serious cyber attack.

“Businesses need to ensure they have the right people, process and tools in place, so when a major incident occurs they are equipped to understand, contain and remediate. If action isn’t taken immediately, the price of cyber ignorance – for the company and the wider economy – could be severe.”

The online cyber risk tool will enable businesses to measure their cyber security preparedness across 10 key elements of information and communications technology (ICT) security and can be found here: www.baesystems.com/takethetest

About the Cyber Risk tool
BAE Systems Cyber Risk tool is a simple online evaluation that businesses can use to assess their cyber security strengths and weaknesses and understand where there might be vulnerabilities to attack. The tool is based on CESG’s 10 steps to cyber security guidance.

About the research
Conducted by independent technology market research provider, Vanson Bourne on behalf of BAE Systems, the survey polled 100 business leaders from UK private sector organisations with more than 1,000 employees. Respondents were C-suite level (CIO, CISO etc) or decision makers (management, department heads etc.) within their IT department.

Average number of months since most recent cyber-attack: 9

Average cost of most recent cyber-attack: £330, 328

About BAE Systems
At BAE Systems, we provide some of the world’s most advanced, technology-led defence, aerospace and security solutions and employ a skilled workforce of some 83,400 people in over 40 countries. Working with customers and local partners, we develop, engineer, manufacture and support products and systems to deliver military capability, protect national security and people and keep critical information and infrastructure secure.

At BAE Systems Applied Intelligence, we help nations, governments and businesses around the world defend themselves against cybercrime, reduce their risk in the connected world, comply with regulation, and transform their operations.

We do this using our unique set of solutions, systems, experience and processes - often collecting and analysing huge volumes of data. These, combined with our Cyber Special forces - some of the most skilled people in the world, enable us to defend against cyber-attacks, fraud and financial crime, enable intelligence-led policing and solve complex data problems.

We employ over 4,200 people across 18 countries in the Americas, APAC, UK and EMEA. For further information about BAE Systems Applied Intelligence, please visit www.baesystems.com/businessdefence